Monday, March 16, 2009

Credit Card Phishing -- What it Means and How to Prevent It

Phishing (the attempt to obtain an individual's credit card and other personal information for fraudulent use) has become a part of the American lexicon in recent years, and it doesn't involve a lazy afternoon sitting on the dock with a cold beverage. This type of phishing is an insidious form of fraud primarily being perpetrated by thieves who pretend to represent legitimate companies through email and telemarketing in order to get information about individuals' credit cards.

While the advent of the Internet has created an incredible advancement in convenience, including the use of credit cards for online payments, it has also proved to be a boon for those who wish to commit fraud. The theft of information over the Internet has been somewhat tempered by online security measures and consumers can generally feel secure when shopping on websites that display a lock icon and an "https" heading in the Internet browser. These are indications that an online retailer offers a highly secure website employing the latest in secure socket layer technology, which fully encrypts personal and credit card account data.

The situations that consumers need to guard against almost always involve an individual voluntarily handing over sensitive personal information. When would anyone willingly do this, you ask? It happens everyday according to Internet security professionals. What happens is a person will receive an official looking email from a trusted source, such as their bank, Paypal or eBay. In other words, a source with which the consumer has had past dealings and with whom they already have an online account established. The fraudulent email will come with all the right wording and company logos and will typically profess to be doing a security check, requiring the customer to verify personal information.

Since the advent of these so called phishing scams, most financial companies and online retailers have advised customers to never provide personal information through an unsolicited email. Reputable companies will never ask for such information and consumers should be highly suspicious of any such requests on their behalf. Most banks and retailers ask that suspicious emails involving credit card accounts be reported to them in order for their internal security teams to stay abreast of the latest phishing techniques.

So how do you keep your personal information personal? Don't respond to any requests that you haven't initiated when it comes to providing sensitive data, such as date of birth, social security number, mother's maiden name or the 3-digit security code on the back of your card. Even if someone calls you up and says they are with your credit card company investigating a potential identity theft. This new scam being perpetrated involves stolen credit card numbers that are used to contact the real cardholders in order to obtain the security code on the back of the credit card. Once this code is obtained thieves can use a victim's credit card to shop online almost anywhere, completely anonymously.

No comments: